Windows Task Manager does not provide enough information. These are tools to investigate running processes, programs that run at startup, services and gather additional information to identify them or resolve problems:
These tools will provide information about each process, CPU usage, file description and its location. Most of them are stand-alone apps in a zip file so no installation is necessary.
-- System Explorer provides a security check of running processes using their online security database when you first launch the program. Just press the Security Scan tab at the top, then click Start Security Check. After the check you can click the link to See the results of the security check >>. Keep in mind that the check is not a guarantee of what is or is not detected as malware.
-- Process Explorer shows two panes by default: the upper pane is always a process list and the bottom pane either shows the list of DLLs loaded into the process selected in the upper pane, or the list of operating system resource handles (files, Registry keys, synchronization objects) the process has open. In the menu at the top select View > Lower Pane View to change between DLLs and Handles.
Anytime you come across a suspicious file or one that you do not recognize, search the name using one of the following databases which host a collection of lists that provide information on the components of legitimate and malicious programs.
Another option is to search the name using Google.
When searching for malware removal assistance on the Internet, it is not unusual to find numerous hits from untrustworthy and scam sites which mis-classify detections or provide misleading information. This is deliberately done more as a scam to entice folks into buying an advertised fix or removal tool. In some cases if the fix is a free download, users may be enticed to download a malicious file or be redirected to a malicious web site.
If you cannot find any information, the file has a legitimate name but is not located where it is supposed to be, or you want a second opinion, submit it to one of the following online services that analyzes suspicious files:
In the "File to Scan" (Upload or Submit) box, browse to the location of the suspicious file(s) and submit (upload) it for scanning/analysis. If you get a message saying "File has already been analyzed", click Reanalyze or Scan again.
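
The "legitimate name but not located where it is supposed to be" check described above can also be run from PowerShell. This is an added example, not part of the original post or of any tool it names; the function name Get-ProcessLocationReport and the table of expected folders are assumptions made for illustration and are not a complete allow-list.

```powershell
# Added example: expected folders for a few well-known Windows process names.
# The table is an illustrative assumption, not a complete allow-list.
$sys32 = Join-Path $env:SystemRoot 'System32'
$wow64 = Join-Path $env:SystemRoot 'SysWOW64'
$Expected = @{
    'svchost.exe'  = @($sys32, $wow64)
    'lsass.exe'    = @($sys32)
    'services.exe' = @($sys32)
    'winlogon.exe' = @($sys32)
    'csrss.exe'    = @($sys32)
    'smss.exe'     = @($sys32)
    'wininit.exe'  = @($sys32)
    'explorer.exe' = @($env:SystemRoot, $wow64)
}

function Get-ProcessLocationReport {
    # Hypothetical helper: one row per running process with its file location,
    # file description, and a note when a system name runs from another folder.
    foreach ($p in Get-CimInstance -ClassName Win32_Process) {
        $path = $p.ExecutablePath
        $desc = $null
        $note = 'ok'
        if ([string]::IsNullOrEmpty($path)) {
            # Protected processes do not expose their path to every session,
            # so report that instead of flagging them.
            $note = 'path unavailable (try an elevated session)'
        } else {
            $item = Get-Item -LiteralPath $path -ErrorAction SilentlyContinue
            $desc = $item.VersionInfo.FileDescription
            $dir  = Split-Path -Path $path -Parent
            $name = $p.Name.ToLowerInvariant()
            # -notcontains compares strings case-insensitively.
            if ($Expected.ContainsKey($name) -and ($Expected[$name] -notcontains $dir)) {
                $note = 'REVIEW: system file name running from unexpected folder'
            }
        }
        [pscustomobject]@{
            Name = $p.Name; ProcessId = $p.ProcessId; Path = $path
            Description = $desc; Note = $note
        }
    }
}

# Rows marked REVIEW sort to the top.
Get-ProcessLocationReport | Sort-Object Note -Descending | Format-Table -AutoSize -Wrap
```

A row marked REVIEW is a candidate for the name search and file submission steps above, not a verdict that the file is malware.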